<?php

/**
 * MVM_MALL 网上商店系统  后台管理引导
 * ============================================================================
 * 版权所有 (C) 2007-2010 www.mvmmall.com，并保留所有权利。
 * 网站地址: http://www.mvmmall.com
 * ----------------------------------------------------------------------------
 * 这是一个免费开源的软件；这意味着您可以在不用于商业目的的前提下对程序代码
 * 进行修改、使用和再发布。
 * ============================================================================
 * $Author:  www.mvmmall.com  $
 * $Date: 2008-06-12 $
 * $Id: admincp.php www.mvmmall.com$
 * ---------------------------------------------
*/
define('IN_ADMINCP', TRUE);
$m_check_uid      = false;
$admin_check_rank = false;
$admincp_login    = false;
require_once 'include/common.inc.php';
$skin             = 'admincp';
$module           = dhtmlchars($module);
$action           = dhtmlchars($action);
$admincp_login    = $_SESSION['user']['mvm_admincp_login'];
$admincp_time     = $_SESSION['user']['mvm_admincp_time'];
if (file_exists(MVMMALL_ROOT.'./language/'.$mm_lang.'/admin/lang_'.$module.'.php') && file_exists(MVMMALL_ROOT.'./language/'.$mm_lang.'/lang_common.php')) {
	include MVMMALL_ROOT.'./language/'.$mm_lang.'/admin/lang_'.$module.'.php';
	include MVMMALL_ROOT.'./language/'.$mm_lang.'/lang_common.php';
} else {
	exit('Pack included in error');
}
if(!$m_check_id || !$admincp_login && !$admincp_time){
    require_once MVMMALL_ROOT.'admin/login.inc.php';
    exit;
}
$add_muster  = array('add','export','uploadsql','query','down');//写的动作集合
$edit_muster = array('edit','import','uploadsql','query','repair','down','merge','up_goods','up_goods');//编辑动作集合
$del_muster  = array('del','query','all_delete');//删除的动作集合
$see_muster  = array('list','goods_price','delimg');//浏览的动作集合
//参数集合判断
$action_id = false;
if(in_array($action,$add_muster,TRUE)) {
    $action_id  = 1;//写
} elseif (in_array($action,$edit_muster,TRUE)) {
     $action_id = 2;//编辑
} elseif (in_array($action,$del_muster,TRUE)) {
     $action_id = 3;//删除
} elseif (in_array($action,$see_muster,TRUE)) {
     $action_id = 4;//浏览
} else {
  $action_id =  $module == 'index' ? 4:false;
}
//权限判断
if($mm_adminid==1) {
    $admincp_rank = array();
    $admincp_rank = explode(',',$mvm_rank_list);
    foreach ($admincp_rank as $key=>$val) {
        $admincp_action = explode(':',$val);
        if (in_array($module,$admincp_action,TRUE) && in_array($action_id,$admincp_action)) {
            $admin_check_rank=1;
            break;
        } else {
            $admin_check_rank= 0;
        }
    }
}  else {
   admin_msg('admin_acess');
}
if ($admin_check_rank==1 || $m_check_uid==1){
    /**后台登陆记录**/
    if($m_user_ip && ($module!='database' && $action!='import')) {
        $url_referer = dreferer();
        $query="INSERT INTO `{$tablepre}manager_table` set
                manager_id	    =	'$m_check_id',
                manager_name	=	'$m_check_name',
                manager_file	=	'$_SERVER[SCRIPT_FILENAME]',
                manager_referer	=	'$url_referer',
                manager_config	=	'$_SERVER[HTTP_USER_AGENT]',
                manager_mode1	=	'$module',
                manager_mode2	=	'$action',
                manager_ip	    =	'$m_user_ip',
                register_date	=	'$m_now_time'";
       // $db->query($query);
    }
    $cpscript =  MVMMALL_ROOT.'./admin/'.$module.'.inc.php';
    if(!file_exists($cpscript)){
        exit('文件不存在');
    }else {
        require_once MVMMALL_ROOT.'./admin/'.$module.'.inc.php';
    }
    /**end**/
} else {
    admin_msg('admin_acess');
}


function admin_msg($title,$url='')
{
	@extract($GLOBALS, EXTR_SKIP);
	global $lang;
	$str = $lang[$title];
	if ($url == "") {
		$jump='';
	}elseif ($url == "close") {
		$url = "window.close()";
		if ($str != "") { echo "<script language='javascript'>alert('$str');$url;</script>"; }
		else { echo "<script language='javascript'>$url;</script>"; }
	}else {
		$jump = "<meta http-equiv=\"refresh\" content=\"4;url=$url\"/>";
	}
	require_once template('showmsg');
	$output = str_replace(array('<!--<!---->','<!---->',"\r",substr(MVMMALL_ROOT,0,-1)),'',ob_get_contents());
	ob_end_clean();
	echo $output; unset($output);
	exit;
}
  function make_dir($folder) {
    $reval = false;
    if (!file_exists($folder)) {
      @umask(0);
      preg_match_all('/([^\/]*)\/?/i', $folder, $atmp);
      $base = ($atmp[0][0] == '/') ? '/' : '';
      foreach($atmp[1]AS $val) {
        if ('' != $val) {
          $base .= $val;

          if ('..' == $val || '.' == $val) {
            $base .= '/';

            continue;
          }
        } else {
          continue;
        }

        $base .= '/';

        if (!file_exists($base)) {
          if (@mkdir($base, 0777)) {
            @chmod($base, 0777);
            $reval = true;
          }
        }
      }
    } else {
      $reval = is_dir($folder);
    }
    clearstatcache();
    return $reval;
  }
 
function tpl_array($dir_path='./templates',$file='') {
    $m_mall_skin = get_dirinfo($dir_path,$file);
    for($i =0 ; $i<count($m_mall_skin) ; $i++) {
        if($m_mall_skin[$i]!='admincp'){
            $key = str_replace('.html', '', $m_mall_skin[$i]);
            $arr[$key] = $key;
        }
    }
    return $arr;
}
//取得商品编码
function goods_code($goods_id)
{
    global $db,$tablepre,$mm_gods_prefix;
    $goods_code = $mm_gods_prefix. str_repeat('0', 6 - strlen($goods_id)) . $goods_id;
    $query = "SELECT goods_code FROM `{$tablepre}goods_table` WHERE goods_code LIKE '" . $goods_code . "%' AND uid <> '$goods_id' " ." ORDER BY LENGTH(goods_code) DESC";
    $sn_list = $db->get_one($query);
    if (in_array($goods_code, $sn_list)){
        $max = pow(10, strlen($sn_list[0]) - strlen($goods_code) + 1) - 1;
        $new_sn = $goods_code . mt_rand(0, $max);
        while (in_array($new_sn, $sn_list)){
            $new_sn = $goods_code . mt_rand(0, $max);
        }
        $goods_code = $new_sn;
    }
    return $goods_code;
}


